Supported endpoint authentication types

Supported authentication types for endpoints are basic, bearer, oauth, api-key, x-api-key, apikey, and custom. The authType parameter in the endpoint definition must contain at least one of these values.

Note: The authentication types are case-insensitive but the recommended format is to use lowercase for all characters.

Authorization headers

Authorization headers for HTTPS POST requests are prepared differently depending on the authentication type.

Table 1. Example headers for authentication types
Authentication type Example authorization header
basic Authorization: Basic <secret>
bearer Authorization: Bearer <token>
oauth Authorization: Bearer <token>
api-key Api-Key: <secret>
x-api-key x-api-key: <secret>
apikey Authorization: apikey <secret>
custom Authorization: <secret>

Bearer and OAuth authentication types

If you store the Bearer token directly as an endpoint secret, you must provide the Bearer type. You might want IBM® to access your token API to retrieve the Bearer token. If so, you must provide the OAuth authentication type so that IBM can retrieve the Bearer token for you to post requests to your endpoint.

If you provide the OAuth authentication type, you must provide extra OAuth parameters in the endpoint definition in the following format:

authType: oauth
apiKeyName: MyClientSecretApiKey
customParams : [
  {name: oauth_token_endpoint, value: <token endpoint>},
  {name: client_id, value: <client id>},
  {name: client_secret, value: MyClientSecretApiKey},
  {name: grant_type, value: <grant type>}
]

The client_secret contains the secret value so you must create an API key for it. For more information, see Defining HTTP endpoints using APIs. The value of the API key is your client secret value. Here we assume that the name of the API key is MyClientSecretApiKey.

Update the endpoint definition to include the fields that are shown in the sample format. These fields include extra customParams that specify the OAuth properties. The customParams contains oauth_token_endpoint, client_id, client_secret, and grant_type. The grant_type value is optional.

Before posting alerts to the endpoint, to retrieve the Bearer token, the IBM service calls the OAuth token endpoint by using the values that you provide.